Published May 18, 2016|Updated Sep 15, 2017


Alert level: Severe Detected with Windows Defender Antivirus

Also detected as: No associated aliases

Windows Defender detects and removes this threat.

This threat unchecks checkboxes in installation dialogue boxes, effectively messing with choices without your knowledge during installation.

It may be installed together with BrowserModifier:Win32/SupTab and Trojan:Win32/Ghokswa when Trojan:Win32/Xadupi downloads and installs updates. Trojan:Win32/Xadupi, meanwhile is installed by BrowserModifier:Win32/Sasquor, although it may also be installed directly by software bundlers.

This threat is part of a suite of malware and unwanted software families that is also called "Fireball". Read about this threat group in the Windows Security blog: 

Understanding the true size of “Fireball”

Find out ways that malware can get on your PC.  


Latest news